﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Configuration;
using SnailGame.Utility.DataAccess;

using Com.Crc.PoJo.Model.Security;

namespace CRC.DAL.Security
{
    public class UserSecurityDAL
    {
        public void a(){}
        public UserEntity GetUserInfo(string strAccount, string strPassword, ref string strErrInfo)
        {
            try
            {
                UserEntity entity = new UserEntity();
                string strSql = " SELECT N_USER_ID,S_NAME,S_PASSWORD,S_ACCOUNT,S_EMPLOYEE_ID,S_EMAIL,S_STATE "
                    + "             FROM dbo.SEC_USER "
                    + "            WHERE S_ACCOUNT ='" + strAccount + "' "
                    + "              AND S_PASSWORD='" + strPassword + "' ";
                DataBroker broker = new DataBroker();
                DataTable dt = broker.ExecuteQueryForOleDB(strSql, ConfigurationManager.ConnectionStrings["CRCAppConn"].ToString());

                if (dt.Rows.Count > 0)
                {
                    DataRow row = dt.Rows[0];
                    entity.UserID = int.Parse(row["N_USER_ID"].ToString());
                    entity.LoginAccount = row["S_ACCOUNT"].ToString();
                    entity.Password = row["S_PASSWORD"].ToString();
                    entity.Name = row["S_NAME"].ToString();
                    entity.EmployeeID = row["S_EMPLOYEE_ID"].ToString();
                    entity.Email = row["S_EMAIL"].ToString();
                    entity.Deleted = row["S_STATE"].ToString();
                }
                return entity;
            }
            catch (Exception ex)
            {
                strErrInfo = ex.Message.ToString();
                return null;
            }
        }
    }
}
